Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

February 22, 2019

Safer Porn Viewing

Filed under: Cybersecurity,Porn — Patrick Durusau @ 3:30 pm

Threats to Users of Adult Websites in 2018 by Kaspersky Lab.


2018 was a year that saw campaigns to decrease online pornographic content and traffic. For example, one of the most adult-content friendly platforms – Tumblr – announced it was banning erotic content (even though almost a quarter of its users consume adult content). In addition, the UK received the title of ‘The Second Most Porn-Hungry Country in the World‘ and is now implementing a law on age-verification for pornography lovers that will prohibit anyone below the age of 18 to watch this sort of content. This is potentially opening a world of new tricks for scammers and threat actors to take advantage of users. In addition, even commercial giant Starbucks declared a ‘holy war’ on porn as it was revealed that many visitors prefer to have their coffee while consuming adult content, rather than listening to music or reading the latest headlines on news websites.
Such measures might well be valid, at least from a cybersecurity perspective, as the following example suggests. According to news reports last year, an extremely active adult website user, who turned out to be a government employee, dramatically failed to keep his hobby outside of the workplace. By accessing more than 9,000 web pages with adult content, he compromised his device and subsequently infected the entire network with malware, leaving it vulnerable to spyware attacks. This, and other examples confirm that adult content remains a controversial topic from both a social and cybersecurity standpoint.
It is no secret that digital pornography has long been associated with malware and cyberthreats. While some of these stories are now shown to be myths, others are very legitimate. A year ago, we conducted research on the malware hidden in pornography and found out that such threats are both real and effective. One of the key takeaways of last year’s report was the fact that cybercriminals not only use adult content in multiple ways – from lucrative decoys to make victims install malicious applications on their devices, to topical fraud schemes used to steal victims’ banking credentials and other personal information – but they also make money by stealing access to pornographic websites and reselling it at a cheaper price than the cost of a direct subscription.

The U.S. Government, being itself untrustworthy, doesn’t trust Kaspersky Lab. There’s an odd logic to that position, tinged by a desire for a domestic cybersecurity industry. A domestic industry that would be subject to the orders of the U.S. Government. What it now suspects of Kaspsersky.

You can read Kaspersky’s Three common myths about Kaspersky Lab, or ask yourself, would I cheat while holding 6.25 percent of the world market for Windows anti-malware software? If the answer is no, then trust Kaspersky Lab until you have facts that compel a different choice.

The report details which types porn carry the greatest risk for malware and common techniques used to deliver the same. (You are using a VPN and a Tor browser to view porn. Yes?)

I trust Kaspersky because unlike the U.S. Government, it has no record of running porn sites to entrap viewers. (The FBI likely ran nearly half the child porn sites on the dark web in 2016.) Enjoy the report.

October 30, 2018

Fake News about Russian Porn Infection

Filed under: Cybersecurity,Hacking,Porn — Patrick Durusau @ 7:49 pm

Porn-Watching Employee Infected Government Networks With Russian Malware, IG Says

From the post:

The agency’s inspector general traced the malicious software to a single unnamed USGS employee, who reportedly used a government-issued computer to visit some 9,000 adult video sites, according to a report published Oct. 17.

Many of the prohibited pages were linked to Russian websites containing malware, which was ultimately downloaded to the employee’s computer and used to infiltrate USGS networks, auditors found. The investigation found the employee saved much of the pornographic material on an unauthorized USB drive and personal Android cellphone, both of which were connected to their computer against agency protocols.

Many people breathed a sigh of relief when it was reported the USGS staff used their computer:

…to visit some 9,000 adult video site, …

They hadn’t visited 9,000 adult video sites and that’s a lot of sites, assuming you had other job duties.

Sorry to disappoint but the IG report says in fact:

…Many of the 9,000 web pages ****** visited routed through websites that originated in Russia and contained malware.

Ah, “9,000 web pages,” not “…9,000 adult video sites.” That’s quite a difference.

More than a few but a much more plausible number.

Aside from poor fact checking, the real lesson here is to realize porn is a great carrier for malware, if you didn’t know that already.

October 29, 2018

DeepCreamPy – Decensoring Hentai with Deep Neural Networks

Filed under: Deep Learning,Neural Networks,Porn — Patrick Durusau @ 4:18 pm

DeepCreamPy – Decensoring Hentai with Deep Neural Networks

From the webpage:

This project applies an implementation of Image Inpainting for Irregular Holes Using Partial Convolutions to the problem of hentai decensorship. Using a deep fully convolutional neural network, DeepCreamPy can replace censored artwork in hentai with plausible reconstructions. The user needs to specify the censored regions in each image by coloring those regions green in a separate image editing program like GIMP or Photoshop.

Limitations

The decensorship is intended to work on color hentai images that have minor to moderate censorship of the penis or vagina. If a vagina or penis is completely censored out, decensoring will be ineffective.

It does NOT work with:

  • Black and white/Monochrome image
  • Hentai containing screentones (e.g. printed hentai)
  • Real life porn
  • Censorship of nipples
  • Censorship of anus
  • Animated gifs/videos

… (emphasis in original)

Given the project limitations, there is a great opportunity for a major contribution.

Albeit I don’t know how “decensored drawings of anuses” would look on a resume. You might need to re-word that part.

What images do you want to decensor?

February 8, 2018

Porn, AI and Open Source Ethics

Filed under: Artificial Intelligence,Deep Learning,Open Source,Porn,TensorFlow — Patrick Durusau @ 4:18 pm

Google Gave the World Powerful AI Tools, and the World Made Porn With Them by Dave Gershgorn.

From the post:

In 2015, Google announced it would release its internal tool for developing artificial intelligence algorithms, TensorFlow, a move that would change the tone of how AI research and development would be conducted around the world. The means to build technology that could have an impact as profound as electricity, to borrow phrasing from Google’s CEO, would be open, accessible, and free to use. The barrier to entry was lowered from a Ph.D to a laptop.

But that also meant TensorFlow’s undeniable power was now out of Google’s control. For a little over two years, academia and Silicon Valley were still the ones making the biggest splashes with the software, but now that equation is changing. The catalyst is deepfakes, an anonymous Reddit user who built around AI software that automatically stitches any image of a face (nearly) seamlessly into a video. And you can probably imagine where this is going: As first reported by Motherboard, the software was being used to put anyone’s face, such as a famous woman or friend on Facebook, on the bodies of porn actresses.

After the first Motherboard story, the user created their own subreddit, which amassed more than 91,000 subscribers. Another Reddit user called deepfakeapp has also released a tool called FakeApp, which allows anyone to download the AI software and use it themselves, given the correct hardware. As of today, Reddit has banned the community, saying it violated the website’s policy on involuntary pornography.

According to FakeApp’s user guide, the software is built on top of TensorFlow. Google employees have pioneered similar work using TensorFlow with slightly different setups and subject matter, training algorithms to generate images from scratch. And there are plenty of potentially fun (if not inane) uses for deepfakes, like putting Nicolas Cage in a bunch of different movies. But let’s be real: 91,000 people were subscribed to deepfakes’ subreddit for the porn.

While much good has come from TensorFlow being open source, like potential cancer detection algorithms, FakeApp represents the dark side of open source. Google (and Microsoft and Amazon and Facebook) have loosed immense technological power on the world with absolutely no recourse. Anyone can download AI software and use it for anything they have the data to create. That means everything from faking political speeches (with help from the cadre of available voice-imitating AI) to generating fake revenge porn. All digital media is a series of ones and zeroes, and artificial intelligence is proving itself proficient at artfully arranging them to generate things that never happened.

You can imagine the rest or read the rest of Gershgon’s (deep voice): “dark side of open source.”

While you do, remember that Gershgon would have made the same claims about:

  1. Telephones
  2. Photography
  3. Cable television
  4. Internet
  5. etc.

The simplest rejoinder is that the world did not create porn with AI. A tiny subset of the world signed up to see porn created by an even smaller subset of the world.

The next simplest rejoinder is the realization that Gershgon wants a system that dictates ethics to users of open source software. Gershgon should empower an agency to enforce ethics on journalists and check back in a couple of years to report on their experience.

I’m willing to be ahead of time it won’t be a happy report.

Bottom line: Leave the ethics of open source software to the people using such software. May not always have a happy outcome but will always be better than the alternatives.

December 12, 2017

AI-Assisted Fake Porn Is Here… [Endless Possibilities]

Filed under: Artificial Intelligence,Government,Politics,Porn — Patrick Durusau @ 5:06 pm

AI-Assisted Fake Porn Is Here and We’re All Fucked by Samantha Cole.

From the post:

Someone used an algorithm to paste the face of ‘Wonder Woman’ star Gal Gadot onto a porn video, and the implications are terrifying.

There’s a video of Gal Gadot having sex with her stepbrother on the internet. But it’s not really Gadot’s body, and it’s barely her own face. It’s an approximation, face-swapped to look like she’s performing in an existing incest-themed porn video.

The video was created with a machine learning algorithm, using easily accessible materials and open-source code that anyone with a working knowledge of deep learning algorithms could put together.

It’s not going to fool anyone who looks closely. Sometimes the face doesn’t track correctly and there’s an uncanny valley effect at play, but at a glance it seems believable. It’s especially striking considering that it’s allegedly the work of one person—a Redditor who goes by the name ‘deepfakes’—not a big special effects studio that can digitally recreate a young Princess Leia in Rogue One using CGI. Instead, deepfakes uses open-source machine learning tools like TensorFlow, which Google makes freely available to researchers, graduate students, and anyone with an interest in machine learning.
… (emphasis in original)

Posts and tweets lamenting “fake porn” abound but where others see terrifying implications, I see boundless potential.

Spoiler: The nay-sayers are on the wrong side of history – The Erotic Engine: How Pornography has Powered Mass Communication, from Gutenberg to Google Paperback by Patchen Barss.

or,


“The industry has convincingly demonstrated that consumers are willing to shop online and are willing to use credit cards to make purchases,” said Frederick Lane in “Obscene Profits: The Entrepreneurs of Pornography in the Cyber Age.” “In the process, the porn industry has served as a model for a variety of online sales mechanisms, including monthly site fees, the provision of extensive free material as a lure to site visitors, and the concept of upselling (selling related services to people once they have joined a site). In myriad ways, large and small, the porn industry has blazed a commercial path that other industries are hastening to follow.”
… (PORN: The Hidden Engine That Drives Innovation In Tech)

Enough time remains before the 2018 mid-terms for you to learn the technology used by ‘deepfakes’ to produce campaign imagery.

Paul Ryan, current Speaker of the House, isn’t going to (voluntarily) participate in a video where he steals food from children or steps on their hands as they grab for bread crusts in the street.

The same techniques that produce fake porn could be used to produce viral videos of those very scenes and more.

Some people, well-intentioned no doubt, will protest that isn’t informing the electorate and debating the issues. For them I have only one question: Why do you like losing so much?

I would wager one good viral video against 100,000 pages of position papers, unread by anyone other than the tiresome drones who produce them.

If you insist on total authenticity, then take Ryan film clips on why medical care can’t be provided for children and run it split-screen with close up death rattles of dying children. 100% truthful. See how that plays in your local TV market.

Follow ‘deepfakes’ on Reddit and start experimenting today!

August 9, 2017

Defeat FBI Video Booby-Trap

Filed under: Cybersecurity,FBI,Government,Porn,Tor — Patrick Durusau @ 10:25 am

Joseph Cox details “…deanonymizing people in a targeted way using novel or unorthodox law enforcement techniques…” in The FBI Booby-Trapped a Video to Catch a Suspected Tor Sextortionist.

Not an attack on Tor per se but defeated the use of Tor none the less.

Can you spot the suspect’s error?

From the complaint:


F. Law Enforcement Identifies “Brian Kil’s” True IP Address

51. On June 9, 2017, the Honorable Debra McVicker Lynch authorized the execution of a Network Investigative Technique “NIT” (defined in Clause No. 1:17-mj-437) in order to ascertain the IP address associated with Brian Kil and Victim 2.

52. As set forth in the search warrant application presented to Judge Lynch, the FBI was authorized by the Court to add a small piece of code (NIT) to a normal video file produced by Victim 2, which did not contain any visual depictions of any minor engaged in sexually explicit activity. As authorized, the FBI then uploaded the video file containing the NIT to the Dropbox.com account known only to Kil and Victim 2. When Kil viewed the video containing the NIT on a computer, the NIT would disclose the true IP address associated with the computer used by Kil.

57. When Kil viewed the video containing the NIT on a computer the NIT disclosed the true IP address associated with the computer used by Kil.

Where did “Kil’s” opsec fail?

“Kil” viewed content of unknown origin on a networked computer.

“Kil” thought the content originated with Victim 2, but all remote content on the Internet should be treated as being of unknown origin.

No one knows if you are a dog on the Internet just as you don’t know if the FBI sent the video you are playing.

Content of unknown origin is examined and stays on non-networked computers. Copy text only to networked systems. If you need the original content, well, you have been warned.

You can see the full complaint at:
https://assets.documentcloud.org/documents/3914871/Hernandez-NIT-Complaint.pdf

Best practice: Remote content, even if from known source, is of unknown origin. (A comrade may have made the document, video, image, but government agents intercepted and infected it.)

PS: I’m no fan of sextortionists but I am concerned about the use of “booby-trapped” videos against political activists. (Makes you wonder about “jihadist” videos on YouTube doesn’t it?)

August 1, 2016

Threats Against Democracy – Try Threats Against “Innocent” Users

Filed under: Cybersecurity,Humor,Porn,Security — Patrick Durusau @ 12:50 pm

After posting about truth telling being a threat to democracy, in the eyes of some, I encountered: Facebook Phishing Scam Using Pornographic Images to Steal Login Data, which reads in part:

There is no way to stop cyber criminals from stealing login credentials of innocent social media users — Recently, one of the HackRead’s writers found a Facebook phishing scam targeting users and stealing their login data. What makes this phishing scam dangerous is the fact that apparently non of the phishing filters have detected any wrongdoing with the links used in this campaign.

Cyber criminals behind this scam have three motives one is to steal users’ login credentials, the second is to get some likes on their Facebook page and third is to profit financially. It starts with scammers posting a link in the comments section of several Facebook groups with a large thumbnail of a nude girl but to make it look like a legit link scammers also mention that video already got hundreds of comments, shares plus thousands of views. The description on the link goes something like this ”groups teen-girl-japannese-18-[retracted]–010 Click HERE to view video recorded 2.381 Likes, 749 Comments, 9.185 Views, 571 Share.”

Now there’s a serious security issue!

Taking advantage of users who are surfing Facebook for porn.

Talk about fishing (sorry) in the shallow end of the security pool.

Hard to say what other access could be leveraged using Facebook logins of such users.

Nuclear launch computers, remote admin at NSA, White House switchboard, free pizza line at Papa Johns. I take that back, Papa Johns probably has better OpSec than the others I mentioned. (That’s sarcasm for all the literalists in the crowd.)

Phishing With Pornography would make a great book title but I don’t know what sort of animal(s) should go on the cover. (Something from National Lampoon perhaps?)

Suggestions?

PS: If you think this indicates I have little sympathy for victims of pornography-based phishing schemes, take a point for your house.

July 25, 2016

PornHub Payday! $20,000!

Filed under: Cybersecurity,Porn,Security — Patrick Durusau @ 4:32 pm

PornHub Pays Hackers $20,000 to Find Zero-day Flaws in its Website by Wang Wei.

From the post:

Cyber attacks get bigger, smarter, more damaging.

PornHub launched its bug bounty program two months ago to encourage hackers and bug bounty hunters to find and responsibly report flaws in its services and get rewarded.

Now, it turns out that the world’s most popular pornography site has paid its first bounty payout. But how much?

US $20,000!

Not every day that a porn site pays users!

While PHP has fixed the issue, be mindful there are plenty of unpatched versions of PHP in the wild.

Details of this attack can be found at: How we broke PHP, hacked Pornhub and earned $20,000 and Fuzzing Unserialize.

Any estimate of how many non-patched PHP installations are on sites ending in .gov or .com?

May 12, 2016

107,000 Anal Fisting Aficionados But No Senate Torture Report

Filed under: Cybersecurity,Porn,Security — Patrick Durusau @ 10:01 am

Huge embarrassment over fisting site data breach by John Leyden.

From the post:

A data breach at a forum for “anal fisting” has resulted in the exposure of 107,000 accounts.

Of course, ‘;–have i been pwned? plays the “I know something you don’t” game, loads the data but blocks searching.

I didn’t look hard for the data dump but for details sufficient to replicate this hack, see:

Another Day, Another Hack: Is Your Fisting Site Updating Its Forum Software? by Joseph Cox.

Quick search shows there are about 15K reports (including duplicates) on exposure of these 107,000 anal fisting aficionados.

It’s mildly amusing to think of the reactions of elected officials, military officers, etc., caught up in such data breach (sorry) but where is the full U.S. Senate Torture Report?

If you are going to risk jail time for hacking, shouldn’t it be for something more lasting than a list of anal fisters?

Is there a forum for nominating and voting on (anonymously) targets for hacking?

PS: Leaking data to ‘;–have i been pwned?, the International Consortium of Investigative Journalists or Wikileaks, etc., only empowers new exercises of privilege. Leak to them if you like but leak to the public as well.

May 11, 2016

Hunting Bugs In Porn Site (or How to Explain Your Browsing History)

Filed under: Cybersecurity,Porn,Security — Patrick Durusau @ 10:19 am

Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000 by Swati Khandelwal.

From the post:


The world’s most popular pornography site PornHub has launched a bug bounty program for security researchers and bug hunters who can find and report security vulnerabilities in its website.

Partnered with HackerOne, PornHub is offering to pay independent security researchers and bug hunters between $50 and $25,000, depending upon the impact of vulnerabilities they find. (emphasis in the original)

As always, there are some exclusions:


Vulnerabilities such as cross-site request forgery (CSRF), information disclosure, cross domain leakage, XSS attacks via Post requests, HTTPS related (such as HSTS), HttpOnly and Secure cookie flags, missing SPF records and session timeout will not be considered for the bounty program.

I take “information disclosure” to mean that if your hack involves NSA credentials it doesn’t count. Well, you can’t make it too easy.

The program is in beta so see Swati’s post for further details.

This PornHub program benefits people asked awkward questions about their browsing history.

Yes, you were looking at PornHub or related sites. You were doing “security research.”

Being in HR or accounting may make that claim less credible. 😉

August 15, 2014

Applauding The Ends, Not The Means

Filed under: Cybersecurity,Porn,Security — Patrick Durusau @ 4:25 pm

Microsoft scans email for child abuse images, leads to arrest‏ by Lisa Vaas.

From the post:

It’s not just Google.

Microsoft is also scanning for child-abuse images.

A recent tip-off from Microsoft to the National Center for Missing & Exploited Children (NCMEC) hotline led to the arrest on 31 July 2014 of a 20-year-old Pennsylvanian man in the US.

According to the affidavit of probable cause, posted on Smoking Gun, Tyler James Hoffman has been charged with receiving and sharing child-abuse images.

Shades of the days when Kodak would censor film submitted for development.

Lisa reviews the PhotoDNA techniques used by Microsoft and concludes:

The recent successes of PhotoDNA in leading both Microsoft and Google to ferret out child predators is a tribute to Microsoft’s development efforts in coming up with a good tool in the fight against child abuse.

In this particular instance, given this particular use of hash identifiers, it sounds as though those innocent of this particular type of crime have nothing to fear from automated email scanning.

No sane person supports child abuse so the outcome of the case doesn’t bother me.

However, the use of PhotoDNA isn’t limited to photos of abused children. The same technique could be applied to photos of police officers abusing protesters (wonder where you would find those?), etc.

Before anyone applauds Microsoft for taking the role of censor (in the Roman sense), remember that corporate policies change. The goals of email scanning may not be so agreeable tomorrow.

February 4, 2014

Sex and Big Data

Filed under: BigData,Porn — Patrick Durusau @ 8:31 pm

Sex and Big Data

A project to bring big data techniques to sexuality.

Datasets:

XHamster – approximately 800,000 entries.

Xnxx – approximately 1,200,000 entries.

I may have just missed it but you would expect a set of records from the porn videos on YouTube and Reddit. To say nothing of UseNet in the alt-sex-* groups.

Maybe I should post a note to the NSA. I am sure they have already cleaned and reconciled the data. Maybe they will post it as a public service. 😉

February 1, 2014

PornGram

Filed under: Porn — Patrick Durusau @ 11:54 am

PornGram

PornGram is an n-gram program that plots the evolution of word frequencies in almost 800,000 porn video titles from 2008 – 2012.

It will display random pairs of words or you can enter words separated by a comma.

It’s too bad that speech recognition isn’t good enough (I suppose) to transcript 800,000 porn videos. 😉

I first saw this in a tweet by Gregory Piatetsky

January 12, 2014

Porn capital of the porn nation

Filed under: Data,Porn,R — Patrick Durusau @ 9:09 pm

Porn capital of the porn nation by Gianluca Baio.

From the post:

The other day I was having a quick look to the newspapers and I stumbled on this article. Apparently, Pornhub (a website whose mission should be pretty clear) have analysed the data on their customers and found out that the town of Ware (Hertfordshire) has more demand for online porn than any other UK town. According to PornHub, a Ware resident will last 10 minutes 37 seconds (637 seconds) on its adult website, compared with the world average time of 8 minutes 56 seconds (just 536 seconds).

Gianluca walks you through data available from the Guardian with R, so you can reach your own conclusions.

I need to install Tableau Public before I can download the data set. Will update this post tomorrow.

Enjoy!

Update:

I installed Tableau Public on a Windows XP VM and then downloaded the data file. Turns out with the public version of Tableau there is no open local file option but if you double-click on the file, it will load and open.

Amusing but limited data set. Top five searches, etc.

The Porn Hub Stats page has other reports from the Porn Hub stats crew.

No data downloads for stats, tags, etc., although I did post a message to them asking about that sort of data.

I have just started playing with it but Tableau appears to be a really nice data visualization tool.

February 16, 2013

Deep Inside: A Study of 10,000 Porn Stars and Their Careers

Filed under: Data,Data Mining,Porn — Patrick Durusau @ 4:49 pm

Deep Inside: A Study of 10,000 Porn Stars and Their Careers by Jon Millward.

From the post:

For the first time, a massive data set of 10,000 porn stars has been extracted from the world’s largest database of adult films and performers. I’ve spent the last six months analyzing it to discover the truth about what the average performer looks like, what they do on film, and how their role has evolved over the last forty years.

I can now name the day when I became aware of the Internet Adult Film Database, today!

When you get through grinning, go take a look at the post. This is serious data analysis.

Complete with an idealized porn star face composite from the most popular porn stars.

Improve your trivia skills: What two states in the United States have one porn star each in the Internet Adult Film Database? (Jon has a map of the U.S. with distribution of porn stars.)

A full report with more details about the analysis is forthcoming.

I first saw this at Porn star demographics by Nathan Yau.

Powered by WordPress